Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/513/8_FyxId8E8h9ByPo95KTYmnRtes.roa
File: 8_FyxId8E8h9ByPo95KTYmnRtes.roa (raw, json)
Hash identifier: Rdj1uElKwc69xQy+JGPHFz4MGWFrkXNzt7raZHdo0HM=
Subject key identifier: F3:F1:72:C4:87:7C:13:C8:7D:07:23:E8:F7:92:93:62:69:D1:B5:EB
Certificate issuer: /CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Certificate serial: 1C36
Authority key identifier: EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/8_FyxId8E8h9ByPo95KTYmnRtes.roa
Signing time: Sun 05 May 2024 04:54:14 +0000
ROA not before: Sun 05 May 2024 04:54:14 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 55995
IP address blocks: 112.75.0.0/16 maxlen: 24
112.75.104.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7222 (0x1c36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EFCA4677F321F4DF2317391F98E223646745E7EE
Validity
Not Before: May 5 04:54:14 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=F3F172C4877C13C87D0723E8F792936269D1B5EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:95:1c:7b:13:61:db:b4:cb:4b:97:d2:93:ab:
17:1e:10:fb:1c:a1:41:eb:b6:5b:2f:84:50:cd:5d:
df:df:67:b6:62:b8:43:2a:07:a1:35:fc:50:d3:7c:
e7:08:5c:9b:28:66:dc:41:1b:2c:35:82:21:11:45:
b3:bd:ef:74:02:16:13:c0:73:62:57:6f:cf:1a:ea:
e3:09:f3:92:b7:3e:3a:0f:c8:8b:12:02:25:d0:50:
eb:61:39:0e:85:32:3f:af:5a:a7:fd:92:06:a8:e9:
20:43:fe:ef:7d:43:c5:dc:f2:9b:b9:69:6e:48:fa:
03:dd:8f:d2:82:3b:ab:b1:ab:80:fa:ab:a7:64:cf:
45:e8:de:b2:f9:2d:94:62:a4:8a:b7:7c:f7:8d:fc:
b1:6e:9c:d6:88:2c:f9:ad:6c:a4:2c:81:c2:8a:ae:
d3:58:58:d4:40:00:63:08:bb:87:23:cf:92:23:4f:
43:56:fa:5c:a4:88:6a:ff:1e:65:d8:f4:3b:60:53:
36:40:d5:48:6e:92:b1:f8:0a:8c:cb:b3:45:a0:ef:
a6:eb:6d:36:95:ae:de:ec:88:7f:68:12:9b:9e:4c:
8b:78:32:25:ae:3c:7f:b9:d2:1f:a5:d1:3c:e8:80:
d3:a0:3c:5d:f8:91:02:76:69:6c:02:2e:65:20:67:
f3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F1:72:C4:87:7C:13:C8:7D:07:23:E8:F7:92:93:62:69:D1:B5:EB
X509v3 Authority Key Identifier:
keyid:EF:CA:46:77:F3:21:F4:DF:23:17:39:1F:98:E2:23:64:67:45:E7:EE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/78pGd_Mh9N8jFzkfmOIjZGdF5-4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/78pGd_Mh9N8jFzkfmOIjZGdF5-4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/513/8_FyxId8E8h9ByPo95KTYmnRtes.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
112.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:f9:b9:ed:39:60:e6:0a:9d:9d:66:9d:0c:71:d2:d3:55:19:
79:3e:2b:6f:83:cb:0f:e5:7a:d0:3f:42:b7:5c:b6:f7:86:8d:
4c:00:b3:42:3f:d1:1e:7a:3a:e5:f5:7d:ef:b5:ca:ff:b1:e3:
c5:22:92:b3:b2:c8:3d:22:07:65:e8:ef:23:81:91:96:50:74:
c9:75:42:a5:2a:55:cc:29:5f:cf:99:19:47:6b:88:86:46:51:
30:6f:f2:b1:10:bb:83:ec:f1:c7:a7:a2:43:dd:36:95:15:a2:
5d:6b:fa:f4:e1:e1:40:84:68:3c:f1:01:3f:ef:6e:eb:c0:e0:
27:45:e6:07:d6:63:41:8c:02:ba:71:03:3f:4b:e3:ad:db:51:
39:09:7d:8b:bd:9a:c4:89:85:70:ae:a0:99:28:e5:71:4f:3f:
a6:7c:32:02:c0:ad:53:2d:07:9a:dd:4d:7b:31:47:20:2b:d7:
d1:1a:02:6a:01:0b:88:f4:21:ec:c7:e7:db:a8:67:44:66:ee:
29:df:d0:4c:22:4a:fb:f5:70:ff:e5:8b:ae:11:7e:18:88:53:
a6:09:eb:b1:73:0e:bf:3c:e7:ae:92:fc:00:1c:8d:dd:82:1b:
c1:bf:93:a6:3d:00:38:1b:87:59:38:a2:9e:12:0c:bb:10:3e:
e0:51:0f:39
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICHDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUZD
QTQ2NzdGMzIxRjRERjIzMTczOTFGOThFMjIzNjQ2NzQ1RTdFRTAeFw0yNDA1MDUw
NDU0MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYzRjE3MkM0ODc3QzEz
Qzg3RDA3MjNFOEY3OTI5MzYyNjlEMUI1RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2lRx7E2HbtMtLl9KTqxceEPscoUHrtlsvhFDNXd/fZ7ZiuEMq
B6E1/FDTfOcIXJsoZtxBGyw1giERRbO973QCFhPAc2JXb88a6uMJ85K3PjoPyIsS
AiXQUOthOQ6FMj+vWqf9kgao6SBD/u99Q8Xc8pu5aW5I+gPdj9KCO6uxq4D6q6dk
z0Xo3rL5LZRipIq3fPeN/LFunNaILPmtbKQsgcKKrtNYWNRAAGMIu4cjz5IjT0NW
+lykiGr/HmXY9DtgUzZA1UhukrH4CozLs0Wg76brbTaVrt7siH9oEpueTIt4MiWu
PH+50h+l0TzogNOgPF34kQJ2aWwCLmUgZ/PdAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU8/FyxId8E8h9ByPo95KTYmnRteswHwYDVR0jBBgwFoAU78pGd/Mh9N8jFzkf
mOIjZGdF5+4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEz
Lzc4cEdkX01oOU44akZ6a2ZtT0lqWkdkRjUtNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvNzhwR2RfTWg5TjhqRnprZm1PSWpaR2RGNS00LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTEzLzhfRnl4SWQ4RThoOUJ5
UG85NUtUWW1uUnRlcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD
AwBwSzANBgkqhkiG9w0BAQsFAAOCAQEAg/m57Tlg5gqdnWadDHHS01UZeT4rb4PL
D+V60D9Ct1y294aNTACzQj/RHno65fV977XK/7HjxSKSs7LIPSIHZejvI4GRllB0
yXVCpSpVzClfz5kZR2uIhkZRMG/ysRC7g+zxx6eiQ902lRWiXWv69OHhQIRoPPEB
P+9u68DgJ0XmB9ZjQYwCunEDP0vjrdtROQl9i72axImFcK6gmSjlcU8/pnwyAsCt
Uy0Hmt1NezFHICvX0RoCagELiPQh7Mfn26hnRGbuKd/QTCJK+/Vw/+WLrhF+GIhT
pgnrsXMOvzznrpL8AByN3YIbwb+Tpj0AOBuHWTiinhIMuxA+4FEPOQ==
-----END CERTIFICATE-----
Generated at Sun May 5 07:32:44 2024 by rpki-client on console-ams.rpki-client.org